Integration Cloud 7.0.0 | Applications | Predefined Applications | Salesforce® CRM REST
 
Salesforce® CRM REST
Integration Cloud connects to Salesforce® CRM REST using the REST API and allows you to manage security for inbound requests, log payloads and specify run-time performance conditions for consumers for outbound requests. It also supports multiple authentication mechanisms.
Note:
Click here for answers to some of the most common questions on Account configuration.
Field
Description
Server URL
Provide the login endpoint to initiate communication with the SaaS provider. For example, https://<instance>.salesforce.com. Replace <instance> with your actual Salesforce instance.
Issuer
Applicable when you select the OAuth V2.0 (JWT Flow) as the Authentication Type. This is the Client ID, or Identifier, or name of the server or system issuing the JWT token.
Subject
Applicable when you select the OAuth V2.0 (JWT Flow) as the Authentication Type. This is the identifier or the name of the user this token represents.
Consumer ID
Also referred to as the Client ID, this is a client identifier issued to the client to identify itself to the authorization server.
Consumer Secret
Also referred to as the Client Secret, this is a secret matching to the client identifier.
Refresh Token
A token used by the client to obtain a new access token without involving the resource owner.
Refresh URL
This is the provider specific URL to refresh an Access Token, for example, https://login.salesforce.com/services/oauth2/token.
JWT Keystore
The keystore used to encrypt the JWT payload.
Use the same keystore which contains the private key of the certificate (Public keys) uploaded in the Digital Certificate section on your Connected Apps in Salesforce.
JWT Key Alias
This alias is the value that is used to sign the outgoing request from Integration Cloud to the authentication server. It is auto-populated based on the keystore selected in the JWT Keystore field. This field lists all the aliases available in the chosen keystore. You must provide a key alias to sign the JWT payload.
Expiration Time(mins)
Expiration Time (mins) is the time after which the JWT token expires. The generated access token might be valid post expiration time as well.
Access Token
This token is used for authentication and is issued by the Authorization Server. Salesforce REST APIs use OAuth 2.0. The access token is passed when you invoke any of the REST API endpoints and is valid for one hour. It is not affected by password changes. The client application is responsible for storing and protecting this token. You can manage the Salesforce REST connection by enabling the connection pool and session management.
If you have selected the OAuth V2.0 (JWT Flow) as the Authentication Type, Integration Cloud will get an Access Token using the JWT flow after you save the Account.
Response Timeout
The number of milliseconds Integration Cloud waits for a response before canceling its attempt to connect to the back end. In case the network is slow or the back end processing takes longer than usual, increase the Response Timeout value. It is recommended to specify a value other than 0. If you specify 0, Integration Cloud will wait indefinitely for a response.
Retry Count on Response Failure
The number of times Integration Cloud attempts to connect to the back end to read a response if the initial attempt fails. If an I/O error occurs, it will retry only if you have selected the Retry on Response Failure option.
Retry on Response Failure
Whether Integration Cloud should attempt to resend the request when the response has failed, even though the request was sent successfully. Select this option if you want to re-establish the connection.
Session Timeout (min)
The number of minutes you want Integration Cloud to wait before terminating an idle session. The value should be equal to the session timeout value specified at the SaaS provider back end.
Trust store Alias
Select the alias name of the Integration Cloud trust store configuration. The trust store contains trusted certificates used to determine trust for the remote server peer certificates. You can also add a new Truststore from this field.
Enable Connection Pooling
Select this option if you want to enable connection pooling for a connection.
Integration Cloud includes a connection management service that dynamically manages connections and connection pools based on configuration settings that you specify for the connection. A connection pool is a collection of connections with the same set of attributes. Connection pools improve performance by enabling Integrations to reuse open connections instead of opening new connections for every service request.
When you enable connection pooling, Integration Cloud creates the number of connection instances you specified in the connection's Minimum Pool Size field. Whenever an Integration needs a connection, Integration Cloud provides a connection from the pool. If no connections are available in the pool, and the Maximum Pool Size has not been reached, Integration Cloud creates one or more new connections (according to the number specified in the Pool Increment Size field) and adds them to the connection pool.
If the pool is full (as specified in the Maximum Pool Size field), the requesting service will wait for Integration Cloud to obtain a connection till one sec, until a connection becomes available. Periodically, Integration Cloud inspects the pool and removes inactive connections that have exceeded the expiration period of one sec.
Minimum Pool Size
The minimum number of connection objects that remain in the connection pool at all times, if connection pooling is enabled. When the connector creates the pool, it creates this number of connections.
Maximum Pool Size
The maximum number of connection objects that can exist in the connection pool if connection pooling is enabled. When the connection pool has reached its maximum number of connections, the connector will reuse any inactive connections in the pool, or, if all connections are active, it will wait for a connection to become available.
Pool Increment Size
The number of connections by which the pool will be incremented, up to the maximum pool size, if connection pooling is enabled and connections are needed.
Hostname verifier
Select a hostname verifier implementation. Guards against man-in-the-middle (MITM) attacks. The default is org.apache.http.conn.ssl.DefaultHostnameVerifier, which will enable hostname verification. Select org.apache.http.conn.ssl.NoopHostnameVerifier to disable hostname verification.
Keystore Alias
Select the alias for the Integration Cloud key store configuration. This is a text identifier for the keystore alias. A keystore file contains the credentials (private key/signed certificate) that a client needs for authentication. You can also add a new Keystore from this field.
Client Key Alias
Alias to the private key in the keystore file specified in the Keystore Alias field. The outbound connections use this key to send client credentials to a remote server. To send the client’s identity to a remote server, you must specify values in both the Keystore Alias and the Client Key Alias fields.
Connection TimeOut
The number of milliseconds a connection waits before canceling its attempt to connect to the resource. If you specify 0, the connection waits indefinitely. It is recommended that you specify a value other than 0 to avoid using a socket with no timeout.
Connection Retry Count
The number of times the system should attempt to initialize the connection at startup if the initial attempt fails.
The system retries to establish a connection when an I/O error occurs while sending the request message to the back end. If an I/O exception occurs when the system is reading a response back from the back end, the system will only retry if Retry on Response Failure is enabled.
Keep Alive Interval
The keep alive interval in milliseconds defines the interval for which a connection will be kept alive, if the back end does not respond with a Keep-Alive header. A value > 0 keeps the connection alive for the specified value. The default value of -1 implies that the connection will be kept alive until a request fails due to a connection error.
Grant Type
Specify the grant type through which applications can gain Access Tokens and by which you grant limited access to your resources to another entity without exposing credentials. The Authorization Code grant type is used by confidential and public clients to exchange an authorization code for an access token. The Refresh Token grant type is used by clients to exchange a refresh token for an access token when the access token has expired.
Idle Timeout
The idle timeout interval in milliseconds defines the interval for which a connection will be kept alive if it's not in use. A value > 0 keeps the connection alive for the specified value. The default value of -1 implies that the connection will be kept alive until a request fails due to a connection error.
Block Timeout (msec)
The number of milliseconds that Integration Cloud will wait to obtain a connection with the SaaS provider before the connection times out and returns an error.
For example, you have a pool with Maximum Pool Size of 20. If you receive 30 simultaneous requests for a connection, 10 requests will be waiting for a connection from the pool. If you set the Block Timeout to 5000, the 10 requests will wait for a connection for 5 seconds before they time out and return an error. If the services using the connections require 10 seconds to complete and return connections to the pool, the pending requests will fail and return an error message stating that no connections are available.
If you set the Block Timeout value too high, you may encounter problems during error conditions. If a request contains errors that delay the response, other requests will not be sent. This setting should be tuned in conjunction with the Maximum Pool Size to accommodate such bursts in processing.
Default: 1000 msec
Expire Timeout (msec)
The number of milliseconds that an inactive connection can remain in the pool before it is closed and removed from the pool, if connection pooling is enabled.
The connection pool will remove inactive connections until the number of connections in the pool is equal to the Initial Pool Size. The inactivity timer for a connection is reset, when the connection is used by the Application.
This setting should be tuned in conjunction with the Initial Pool Size to avoid excessive opening and closing of connections during normal processing.
The general recommendation is to keep the Expire Timeout value equal to the Session Timeout value.
Default: 1000 msec
Enable SNI
Server Name Indication (SNI) is an extension to the TLS protocol by which a client indicates which host name it is attempting to connect to at the start of the handshaking process. Enable this option if the SaaS provider offers SNI-based TLS connectivity, and if you want to connect to an SNI enabled SAAS provider to send the host name specified in the Server URL field, as part of the TLS SNI Extension server_name parameter.
SNI Server Name
If you want to explicitly specify a host name to be included as a part of the SNI extension server_name parameter, in case the host name is other than the host name specified in the Server URL field, specify the host name value in the SNI Server Name field.